Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          nriA0xAwohMV3YExIBnyWPBtAkX9NudAj3ITAQW4eQ8=
Subject key identifier:   52:EF:D9:CC:37:B0:DC:25:87:01:9F:E2:A0:4B:9E:0A:96:A2:3C:BD
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       0198745098BFAA60474324F69C3061902418
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          0769
Signing time:             Mon 04 Aug 2025 09:01:35 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:35 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:35 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: 5cWJHOqQt5PFvetBqjcb0vrXrqbF1qXAzk4xoot2Dmw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:01:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:98:bf:aa:60:47:43:24:f6:9c:30:61:90:24:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Aug  4 09:01:35 2025 GMT
            Not After : Aug  5 09:01:35 2025 GMT
        Subject: CN=52efd9cc37b0dc2587019fe2a04b9e0a96a23cbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:3b:d5:2e:d6:e9:03:89:3b:32:f6:14:60:cf:
                    c5:bb:c3:ce:f4:f4:eb:68:23:8d:78:de:0d:15:ef:
                    ac:96:e8:83:aa:d4:a3:00:88:d0:e9:e0:0a:d4:34:
                    5b:02:37:99:7c:39:31:1b:ae:99:1d:e5:b9:3d:59:
                    61:1b:57:e0:c6:2c:8b:a5:ff:f9:e4:b1:d2:04:4c:
                    ef:4a:f0:66:c3:75:05:22:62:21:c6:56:1e:55:52:
                    b0:e6:23:1a:b9:1c:57:92:2f:85:99:27:07:39:10:
                    5c:76:66:20:fa:9a:19:e6:9b:2b:ac:a9:d4:84:ee:
                    30:1d:93:7d:47:38:5e:49:d7:7b:7b:ce:bf:17:97:
                    d8:9f:e7:c3:12:a2:6e:bf:fe:01:8b:38:ac:70:83:
                    ef:9c:da:df:41:a1:eb:fa:40:e9:fa:65:5f:a8:fe:
                    94:43:f9:5b:47:0a:85:c1:e1:08:92:eb:69:d1:9f:
                    0d:b2:f5:af:a0:27:90:fa:23:1f:80:14:89:ed:3a:
                    e9:48:93:0c:69:8d:fb:64:ce:d9:2c:b8:a2:05:a7:
                    d4:38:e3:16:21:30:6d:5b:d7:e3:d5:fb:94:ed:02:
                    89:12:79:e2:d1:30:73:4b:0e:1f:59:dd:c1:b2:7f:
                    2e:85:e0:a3:35:00:6b:d3:56:1f:8c:ab:5f:92:06:
                    f7:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:EF:D9:CC:37:B0:DC:25:87:01:9F:E2:A0:4B:9E:0A:96:A2:3C:BD
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:70:8f:c8:7f:fb:46:97:1f:2b:bb:ec:fc:b7:9b:24:c9:b9:
         ac:08:f9:6a:46:51:54:49:0a:38:c3:b9:9d:0c:57:55:3d:86:
         a0:61:70:97:c0:3d:8c:e4:aa:31:53:0d:37:de:ff:f0:26:60:
         ab:f0:df:89:15:87:4d:d3:9f:18:68:bf:a1:3d:46:62:dc:ca:
         6a:ca:6d:b5:0a:67:20:c9:1b:bd:f0:cc:e1:f2:cd:ef:a5:74:
         8c:4b:82:ff:fb:3f:5a:f8:27:63:55:fa:58:83:f7:c7:8d:c7:
         af:92:db:ea:85:23:37:08:34:96:b9:69:b1:f2:aa:5b:50:c0:
         ce:7e:4a:57:2a:64:d7:90:8b:e3:9b:a6:dd:25:9a:0d:21:bd:
         a7:4f:b0:ef:8d:cf:e5:81:de:5a:1d:2c:14:76:15:38:33:0c:
         83:15:36:f7:bb:14:3c:00:fb:36:07:a4:e0:7a:98:27:cb:4a:
         22:b7:d4:90:24:8c:2a:65:80:72:f0:bc:b4:f5:48:a6:09:30:
         fa:05:b9:b1:82:f3:29:9a:37:f9:2b:e7:ad:b0:8a:4e:f7:1e:
         99:92:f7:05:96:dc:36:83:11:ae:10:9d:fd:2d:5e:b2:e2:d8:
         ef:58:e9:0c:cb:ef:c5:9e:35:ee:3d:5d:cb:9c:b4:47:10:01:
         cc:70:65:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UJi/qmBHQyT2nDBhkCQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjUwODA0MDkwMTM1WhcNMjUwODA1MDkwMTM1WjAzMTEwLwYDVQQD
Eyg1MmVmZDljYzM3YjBkYzI1ODcwMTlmZTJhMDRiOWUwYTk2YTIzY2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jvVLtbpA4k7MvYUYM/Fu8PO9PTr
aCONeN4NFe+sluiDqtSjAIjQ6eAK1DRbAjeZfDkxG66ZHeW5PVlhG1fgxiyLpf/5
5LHSBEzvSvBmw3UFImIhxlYeVVKw5iMauRxXki+FmScHORBcdmYg+poZ5psrrKnU
hO4wHZN9RzheSdd7e86/F5fYn+fDEqJuv/4BiziscIPvnNrfQaHr+kDp+mVfqP6U
Q/lbRwqFweEIkutp0Z8NsvWvoCeQ+iMfgBSJ7TrpSJMMaY37ZM7ZLLiiBafUOOMW
ITBtW9fj1fuU7QKJEnni0TBzSw4fWd3Bsn8uheCjNQBr01YfjKtfkgb39wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFLv2cw3sNwlhwGf4qBLngqWojy9MB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3CPyH/7
RpcfK7vs/LebJMm5rAj5akZRVEkKOMO5nQxXVT2GoGFwl8A9jOSqMVMNN97/8CZg
q/DfiRWHTdOfGGi/oT1GYtzKaspttQpnIMkbvfDM4fLN76V0jEuC//s/WvgnY1X6
WIP3x43Hr5Lb6oUjNwg0lrlpsfKqW1DAzn5KVypk15CL45um3SWaDSG9p0+w743P
5YHeWh0sFHYVODMMgxU297sUPAD7Ngek4HqYJ8tKIrfUkCSMKmWAcvC8tPVIpgkw
+gW5sYLzKZo3+SvnrbCKTvcemZL3BZbcNoMRrhCd/S1esuLY71jpDMvvxZ417j1d
y5y0RxABzHBl3A==
-----END CERTIFICATE-----